def setUp(self):
backend.testSetUp()
self.settings(LOGGING_CONFIG=None)
self.handler = handlers.JSONContentHandler()
self.c = Client(
HTTP_ACCEPT=self.handler.mime,
REMOTE_USER='******',
X_RESTAUTH_VERSION='0.7'
)
self.service = service_create('vowi', 'vowi', '127.0.0.1', '::1')
self.service2 = service_create('example.net', 'nopass', '127.0.0.1', '::1')
# add permissions:
u_ct = ContentType.objects.get(app_label="Users", model="serviceuser")
p_ct = ContentType.objects.get(app_label="Users", model="property")
g_ct = ContentType.objects.get(app_label="Groups", model="group")
# add user-permissions:
for codename, name in user_permissions:
p, c = Permission.objects.get_or_create(
codename=codename, content_type=u_ct, defaults={'name': name})
self.service.user_permissions.add(p)
for codename, name in prop_permissions:
p, c = Permission.objects.get_or_create(
codename=codename, content_type=p_ct, defaults={'name': name})
self.service.user_permissions.add(p)
for codename, name in group_permissions:
p, c = Permission.objects.get_or_create(
codename=codename, content_type=g_ct, defaults={'name': name})
self.service.user_permissions.add(p)
cache.clear()
def test_wrong_host(self):
service = service_create('example.com', 'nopass')
headers = self.set_auth('example.com', 'nopass')
resp = self.get('/users/', **headers)
self.assertEqual(resp.status_code, http_client.UNAUTHORIZED)
service.add_hosts('127.0.0.1')
headers['REMOTE_ADDR'] = '127.0.0.2'
resp = self.get('/users/', **headers)
self.assertEqual(resp.status_code, http_client.UNAUTHORIZED)
def test_wrong_host(self):
service = service_create('vowi', 'vowi')
self.set_auth('vowi', 'vowi')
resp = self.get('/users/')
self.assertEqual(resp.status_code, http_client.UNAUTHORIZED)
service.add_hosts('127.0.0.1')
self.set_auth('vowi', 'vowi')
self.extra['REMOTE_ADDR'] = '127.0.0.2'
resp = self.get('/users/')
self.assertEqual(resp.status_code, http_client.UNAUTHORIZED)
def test_method_now_allowed(self):
self.service = service_create('example.com', 'nopass', '127.0.0.1', '::1')
headers = self.set_auth('example.com', 'nopass')
for good_methods, path in PATHS:
for method in ['get', 'post', 'put', 'delete']:
if method not in good_methods:
if method in ['post', 'put']:
resp = getattr(self, method)(path, {}, **headers)
else:
resp = getattr(self, method)(path, **headers)
self.assertEqual(resp.status_code,
http_client.METHOD_NOT_ALLOWED)
def test_good_credentials(self):
self.service = service_create('example.com', 'nopass', '127.0.0.1', '::1')
u_ct = ContentType.objects.get(app_label="Users", model="serviceuser")
p, c = Permission.objects.get_or_create(
codename='users_list', content_type=u_ct,
defaults={'name': 'List all users'}
)
self.service.user_permissions.add(p)
headers = self.set_auth('example.com', 'nopass')
resp = self.get('/users/', **headers)
self.assertEqual(resp.status_code, http_client.OK)
self.assertCountEqual(self.parse(resp, 'list'), [])
def test_method_now_allowed(self):
self.service = service_create('vowi', 'vowi', '127.0.0.1', '::1')
self.set_auth('vowi', 'vowi')
for good_methods, path in PATHS:
for method in ['get', 'post', 'put', 'delete']:
if method not in good_methods:
if method in ['post', 'put']:
resp = getattr(self, method)(path, {})
else:
resp = getattr(self, method)(path)
self.assertEqual(resp.status_code,
http_client.METHOD_NOT_ALLOWED)
def test_good_credentials(self):
self.service = service_create('vowi', 'vowi', '127.0.0.1', '::1')
u_ct = ContentType.objects.get(app_label="Users", model="serviceuser")
p, c = Permission.objects.get_or_create(
codename='users_list',
content_type=u_ct,
defaults={'name': 'List all users'})
self.service.user_permissions.add(p)
self.set_auth('vowi', 'vowi')
resp = self.get('/users/')
self.assertEqual(resp.status_code, http_client.OK)
self.assertItemsEqual(self.parse(resp, 'list'), [])
def test_permission_denied(self):
self.service = service_create('example.com', 'nopass', '127.0.0.1', '::1')
headers = self.set_auth('example.com', 'nopass')
for methods, path in PATHS:
for method in methods:
if method in ['post', 'put']:
resp = getattr(self, method)(path, {}, **headers)
else:
resp = getattr(self, method)(path, **headers)
self.assertEqual(resp.status_code, http_client.FORBIDDEN)
# manually handle /groups/?user=foobar
resp = self.get('/groups/', {'user': '******'}, **headers)
self.assertEqual(resp.status_code, http_client.FORBIDDEN)
def test_permission_denied(self):
self.service = service_create('vowi', 'vowi', '127.0.0.1', '::1')
self.set_auth('vowi', 'vowi')
for methods, path in PATHS:
for method in methods:
if method in ['post', 'put']:
resp = getattr(self, method)(path, {})
else:
resp = getattr(self, method)(path)
self.assertEqual(resp.status_code, http_client.FORBIDDEN)
# manually handle /groups/?user=foobar
resp = self.get('/groups/', {'user': '******'})
self.assertEqual(resp.status_code, http_client.FORBIDDEN)
def setUp(self):
self.settings(LOGGING_CONFIG=None)
self.c = Client()
self.handler = handlers.json()
self.extra = {
'HTTP_ACCEPT': self.handler.mime,
'REMOTE_USER': '******',
'content_type': self.handler.mime,
}
self.service = service_create('vowi', 'vowi', '127.0.0.1', '::1')
# add permissions:
u_ct = ContentType.objects.get(app_label="Users", model="serviceuser")
p_ct = ContentType.objects.get(app_label="Users", model="property")
g_ct = ContentType.objects.get(app_label="Groups", model="group")
# add user-permissions:
for codename, name in user_permissions:
p, c = Permission.objects.get_or_create(codename=codename,
content_type=u_ct,
defaults={'name': name})
self.service.user_permissions.add(p)
for codename, name in prop_permissions:
p, c = Permission.objects.get_or_create(codename=codename,
content_type=p_ct,
defaults={'name': name})
self.service.user_permissions.add(p)
for codename, name in group_permissions:
p, c = Permission.objects.get_or_create(codename=codename,
content_type=g_ct,
defaults={'name': name})
self.service.user_permissions.add(p)
cache.clear()
def test_create_invalid_host(self):
try:
service_create('fs:inf', 'foobar')
self.fail()
except ServiceUsernameNotValid:
self.assertCountEqual(Service.objects.all(), [self.service])
def setUp(self):
self.service = service_create('example.com', 'nopass')
def test_no_credentials(self):
service_create('example.com', 'nopass', '127.0.0.1', '::1')
headers = self.set_auth('', '')
resp = self.get('/users/', **headers)
self.assertEqual(resp.status_code, http_client.UNAUTHORIZED)
def test_wrong_password(self):
service_create('vowi', 'vowi', '127.0.0.1', '::1')
self.set_auth('vowi', 'fsinf')
resp = self.get('/users/')
self.assertEqual(resp.status_code, http_client.UNAUTHORIZED)
def test_wrong_password(self):
service_create('example.com', 'nopass', '127.0.0.1', '::1')
headers = self.set_auth('vowi', 'fsinf')
resp = self.get('/users/', **headers)
self.assertEqual(resp.status_code, http_client.UNAUTHORIZED)
def test_create_invalid_host(self):
try:
service_create('fs:inf', 'foobar')
self.fail()
except ServiceUsernameNotValid:
self.assertItemsEqual(Service.objects.all(), [self.service])
def setUp(self):
self.service = service_create('vowi', 'vowi')
def test_no_credentials(self):
service_create('vowi', 'vowi', '127.0.0.1', '::1')
self.set_auth('', '')
resp = self.get('/users/')
self.assertEqual(resp.status_code, http_client.UNAUTHORIZED)
